A man credited with helping to create the infamous Gozi banking malware has pleaded guilty in a US court.
Deniss Calovskis, 30, of Latvia was arrested in November 2012 and spent 10 months in the Baltic state’s cooler before being extradited to the USA, where he’s been behind bars ever since.
Last Friday, Calovskis appeared in the US District Court, pleaded guilty and pledged not to appeal against any sentence of less than two years, Reuters reported.
“I knew what I was doing was against the law,” Calovskis reportedly said in court.
The criminal coder was said to be the most skilled of the blackhats involved in the Gozi scheme and, we’re told, built web injects that target banking portals on Gozi-infected computers.
Calovskis was picked up in 2013 along with Russian national Nikita Kuzmin, Latvian Deniss Calovskis, 27, and 28-year-old Romanian, Mihai Ionut Paunescu, said to be behind the scam.
Pauneschu has not yet been extradited.
Alleged mastermind Kuzmin pleaded guilty to hacking and fraud charges in May 2011, while Paunescu was said to have supplied the bulletproof hosting so critical to malware operations.
Gozi turned up in 2007 and used phishing campaigns to infect millions of Windows boxes, inflicting tens of millions of dollars in losses.
The net menace continues, however. An attack against users in Japan detected last week was found to have borrowed Gozi code.
The sting that took the Gozi gang down was a joint operation of global law enforcement including the FBI, Latvian State Police; the Romanian Intelligence Service; the Romanian Directorate for Combating Organised Crime; the Romanian Directorate for Investigating Organised Crime and Terrorism, and various prosecuting agencies.